Skip to main content
close search
site logo

No surprise: The public sector faces more ransomware and cloud-based attacks in 2025

Several factors leave cities and counties more vulnerable to cyber-attacks, including limited security budgets, less mature security programs and slower ability to adapt to evolving threats.

Published June 16, 2025
By Michael Keating

Editor's note: This article was originally published in American City & County, which has merged with Smart Cities Dive to bring you expanded coverage of city innovation and local government. For the latest in smart city news, explore Smart Cities Dive or sign up for our newsletter.

More cities and counties are at risk of ransomware attacks today, says Douglas McKee, executive director of Threat Research at SonicWall, a firm that builds, scales and manages security across the cloud, hybrid and traditional environments in real-time, and seamlessly protects against cyberattacks across many exposure points for increasingly remote, mobile and cloud-enabled users.

“Local governments are often treated the same as small and midsize businesses (SMBs) by threat actors. SMBs are facing a surge in ransomware (8% increase year-over-year in North America), business email compromise (33% increase), and cloud-based attacks as explained in the SonicWall 2024 Threat Report.”

Cities and counties, according to McKee, are exposed to cyber-threats in several areas: “Local governments, like most organizations, are most vulnerable not in their technology — whether email systems, cloud applications or IT hardware — but in their people and processes. Social engineering, misconfigurations and weak access controls continue to pose the greater risks than the systems themselves.”

McKee says several factors leave cities and counties more vulnerable. “Their limited security budgets, less mature security programs and slower ability to adapt to evolving threats make them prime targets. Attackers see SMBs and local governments as easier to breach yet still holding valuable data, driving a growing wave of cyberattacks against them.”

He adds that cities and counties are using a variety of digital security tactics and technologies to fight off hackers and ransomware threats. “Local governments are leveraging next-generation cybersecurity tools like AI, advanced firewalls and endpoint detection and response (EDR) solutions to detect and respond to threat actors more effectively. These technologies enhance real-time threat monitoring, automate responses, and strengthen defenses against ransomware and other cyber-threats.”

McKee advises government and IT administrators to not go it alone. “Partnering with security experts and implementing 24/7 monitoring can significantly improve prevention, detection and response. This also streamlines patch management and vulnerability identification, helping to reduce the critical patching window.” He says taking these protective first steps, which are often recommended by IT experts, will strengthen an agency’s overall security posture.

Regarding cyber-detection and response, McKee believes many public sector agencies still struggle to put industry best practices into action. “Prioritizing real-time patch management, a Zero Trust approach, and implementing a 24/7 security operations center (SOC) can make a big difference.” 

McKee says that a managed service provider (MSP) or a managed security service provider (MSSP) can direct the operations of the SOC. An MSP is a third-party organization that remotely manages a customer's IT infrastructure and end-user systems. MSSP focuses exclusively on cybersecurity services and normally operates out of a security operations center.   

 “Strengthening ransomware defenses with backups, EDR and network segmentation is important, along with locking down Internet of Things (IoT) devices and cloud environments using multi-factor authentication (MFA) and least privilege access,” McKee says.

McKee notes that since human error remains a major risk, ongoing cybersecurity awareness training is a must for agency employees. He adds that the latest SonicWall threat report provides detailed and actionable tips and solutions for solid security hygiene.

 “AI will be a major asset for cities and counties in securing their IT systems. It can enhance vulnerability identification, detect malicious activity and automate remediation efforts, reducing the burden on human teams,” he says. “By handling routine security tasks, AI allows experts to focus on complex threats that require human judgment.”

OMNIA Partners, who sponsors this page, offers a robust portfolio of cooperative contracts in the public procurement space. The firm lists a number of cooperative contracts under the keyword “security.”

Filed Under: Utilities, Tech & Data

Editors' picks

Company Announcements

View all | Post a press release
NJNG Advances Commitment To Cost-Effective Emissions Reduction With The Installation Of Innova…
From Carbon Reform
July 28, 2025
Carbon Reform logo

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Utilities
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.